===========================================================================
SCO Security Bulletin 97:01
June 11, 1997
Vulnerability in /usr/bin/at
---------------------------------------------------------------------------
The Santa Cruz Operation has discovered the following problem present in
our software:
I. Description
A programming error in /usr/bin/at has been identified which could
allow unauthorized access to the system. The resulting access could lead
to unauthorized root access to the system.
II. Impact
Any user with an account on the system may be able to gain
unauthorized access to system or user files, which may then lead to
unauthorized root access.
Although there have been no reported instances of this vulnerability
being exploited on SCO operating systems, the potential for security
compromise does exist, and the patch should be applied as soon as possible.
III. Releases
This problem exists on all current releases of SCO operating systems:
- SCO CMW+ 3.0
- SCO Open Desktop/Open Server 3.0, SCO UNIX 3.2v4
- SCO OpenServer 5.0
- SCO UnixWare 2.1
IV. Solution
SCO is providing interim patches to address this issue in the form
of a System Security Enhancement (SSE) package. The SSE package
includes patches for all operating systems listed above.
Currently the SSE package is available for Internet download via
anonymous ftp, and from the SCOFORUM on Compuserve.
if you are for some reason unable to access or install the patches,
you should temporarily disable /usr/bin/at by running the following
command as the root user:
# chmod 0 /usr/bin/at
You can download the SSE package as follows:
Anonymous ftp (World Wide Web URL)
-------------
ftp://ftp.sco.COM/SSE/sse007.ltr.Z (cover letter, compressed)
ftp://ftp.sco.COM/SSE/sse007.tar.Z (new binaries, compressed tar file)
Compuserve
----------
GO SCOFORUM, and search the file library for these filenames:
SSE007.LTZ (cover letter, compressed)
SSE007.TAZ (new binaries, compressed tar file)
Checksums
---------
sum -r
65345 3 sse007.ltr.Z
49079 234 sse007.tar.Z
Updates:
This bulletin is available for anonymous ftp download from
ftp://ftp.sco.COM/SSE/security_bulletins/SB.97:01b, and will be
updated as new information becomes available.
June 16, 1997 - updated patch availability information.
Further Information:
If you have further questions, contact your support provider. If you
need to contact SCO, please send electronic mail to support@sco.COM, or
contact SCO as follows.
USA/Canada: 6am-5pm Pacific Time (PST/PDT)
-----------
1-800-347-4381 (voice)
1-408-427-5443 (fax)
Pacific Rim, Asia, and Latin American customers: 6am-5pm Pacific
------------------------------------------------ Time (PST/PDT)
1-408-425-4726 (voice)
1-408-427-5443 (fax)
Europe, Middle East, Africa: 9am-5:30pm UK Time (GMT/BST)
----------------------------
+44 (0)1923 816344 (voice)
+44 (0)1923 817781 (fax)